CVE-2026-2169

A vulnerability has been found in D-Link DWR-M921 1.1.50. This impacts an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...

Konica Bizhub Multifunction Printers Infinite Loop of Messages Between Servers (CVE-2024-2169)

Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service DOS and/or abuse of resources. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc...

EUVD-2026-2169

Improper access control in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...

CVE-2019-2169

In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118492282...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2025-2169)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-2169

A form validation endpoint in Jenkins Queue cleanup Plugin 1.3 and earlier does not properly escape a query parameter displayed in an error message, resulting in a reflected XSS vulnerability...

CVE-2008-2169

Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service dropped session via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372...

CVE-2025-2169

creationtimestamp| type| source ---|---|--- 2025-03-11 05:36:15+00:00| published-proof-of-concept| Telegram/nGCSDP4vCltArA3VXeokA5jE1t269Apyi28mkZBPrFAwc4I 2025-03-11 07:35:34+00:00| seen| https://t.me/cvedetector/20031 2025-03-11 08:00:33+00:00| seen|...

CVE-2025-2169 WPCS – WordPress Currency Switcher Professional <= 1.2.0.4 - Unauthenticated Arbitrary Shortcode Execution

The The WPCS – WordPress Currency Switcher Professional plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.0.4. This is due to the software allowing users to execute an action that does not properly validate a value before running...

Mageia: Security Advisory (MGASA-2024-0290)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated webmin package fixes security vulnerability

CVE-2024-2169: Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service DOS and/or abuse of resources...

RHEL 9 : xorg-x11-server (RHSA-2024:2169)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2169 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical use...

SUSE CVE-2024-2169

Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service DOS and/or abuse of resources...

CVE-2024-2169

creationtimestamp| type| source ---|---|--- 2024-03-20 11:53:17+00:00| seen| https://t.me/truesecator/5542 2024-03-21 13:26:37+00:00| seen| https://t.me/itsecnews/4223 2024-09-05 07:06:38+00:00| seen| https://t.me/CyberBulletin/548 2024-09-05 19:00:06+00:00| published-proof-of-concept|...

CVE-2024-2169 Implementations of UDP application protocols are susceptible to network loops and denial of service

Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service DOS and/or abuse of resources...

Amazon Linux 2 : qemu (ALAS-2023-2169)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2169 advisory. An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the...

CVE-2023-2169

CVE-2023-2169 affects TaxoPress (WordPress) via Stored XSS in Related Posts. The issue arises from insufficient input sanitization and output escaping, exploitable by authenticated attackers with Editor+ to inject scripts that run on pages viewed by users. Affected versions: up to 3.6.4. Patch/mi...

CVE-2023-2169 TaxoPress <= 3.6.4 - Authenticated (Editor+) Stored Cross-Site Scripting

The TaxoPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Related Posts functionality in versions up to, and including, 3.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Editor+ permissions to...

WordPress TaxoPress Plugin < 3.6.5 is vulnerable to Cross Site Scripting (XSS)

Software TaxoPress Type Plugin Vulnerable versions 3.6.5 Fixed in 3.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2169 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 69efcb4014c3 Credits Ivan Kuzymchak Required privileg...

CVE-2022-2169

creationtimestamp| type| source ---|---|--- 2022-07-17 14:28:01+00:00| seen| https://t.me/cibsecurity/46401...